From 9b6b51d2200e67c1a493a8ca8cd4a620fdf19e53 Mon Sep 17 00:00:00 2001
From: Burak Yigit Kaya <byk@sentry.io>
Date: Fri, 9 Jan 2026 18:02:32 +0000
Subject: [PATCH 01/13] ci(release): Switch from action-prepare-release to
 Craft

This PR migrates from the deprecated action-prepare-release to the new
Craft GitHub Actions (reusable workflow or composite action).

Changes:
- Migrate .github/workflows/publish-release.yaml to Craft reusable workflow
---
 .github/workflows/changelog-preview.yml | 13 ++++++++
 .github/workflows/publish-release.yaml  | 43 ++++++-------------------
 2 files changed, 23 insertions(+), 33 deletions(-)
 create mode 100644 .github/workflows/changelog-preview.yml

diff --git a/.github/workflows/changelog-preview.yml b/.github/workflows/changelog-preview.yml
new file mode 100644
index 000000000..1ed102130
--- /dev/null
+++ b/.github/workflows/changelog-preview.yml
@@ -0,0 +1,13 @@
+name: Changelog Preview
+on:
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - edited
+    - labeled
+jobs:
+  changelog-preview:
+    uses: getsentry/craft/.github/workflows/changelog-preview.yml@v2
+    secrets: inherit
diff --git a/.github/workflows/publish-release.yaml b/.github/workflows/publish-release.yaml
index a1931d3bb..c704ea285 100644
--- a/.github/workflows/publish-release.yaml
+++ b/.github/workflows/publish-release.yaml
@@ -1,44 +1,21 @@
 name: Prepare Release
-
 on:
   workflow_dispatch:
     inputs:
       version:
-        description: Version to release
-        required: true
+        description: Version to release (or "auto")
+        required: false
       force:
-        description: Force a release even when there are release-blockers (optional)
+        description: Force a release even when there are release-blockers
         required: false
       merge_target:
-        description: Target branch to merge into. Uses the default branch as a fallback (optional)
+        description: Target branch to merge into
         required: false
-        default: master
-
-permissions:
-  contents: read
-
 jobs:
   release:
-    runs-on: ubuntu-latest
-    name: Release version
-    steps:
-      - name: Get auth token
-        id: token
-        uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
-        with:
-          app-id: ${{ vars.SENTRY_RELEASE_BOT_CLIENT_ID }}
-          private-key: ${{ secrets.SENTRY_RELEASE_BOT_PRIVATE_KEY }}
-
-      - uses: actions/checkout@v6
-        with:
-          token: ${{ steps.token.outputs.token }}
-          fetch-depth: 0
-
-      - name: Prepare release
-        uses: getsentry/action-prepare-release@v1
-        env:
-          GITHUB_TOKEN: ${{ steps.token.outputs.token }}
-        with:
-          version: ${{ github.event.inputs.version }}
-          force: ${{ github.event.inputs.force }}
-          merge_target: ${{ github.event.inputs.merge_target }}
+    uses: getsentry/craft/.github/workflows/release.yml@v2
+    with:
+      version: ${{ inputs.version }}
+      force: ${{ inputs.force }}
+      merge_target: ${{ inputs.merge_target }}
+    secrets: inherit

From 07d32769b81e4ba48636b54c9acd1adda3919891 Mon Sep 17 00:00:00 2001
From: Burak Yigit Kaya <byk@sentry.io>
Date: Fri, 9 Jan 2026 23:17:26 +0000
Subject: [PATCH 02/13] ci(release): Restore GitHub App token authentication

The previous migration incorrectly removed the GitHub App token
authentication step. This commit restores it by switching to the
composite action pattern which preserves the auth flow.
---
 .github/workflows/publish-release.yaml | 27 ++++++++++++++++++++------
 1 file changed, 21 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/publish-release.yaml b/.github/workflows/publish-release.yaml
index c704ea285..2a12191aa 100644
--- a/.github/workflows/publish-release.yaml
+++ b/.github/workflows/publish-release.yaml
@@ -13,9 +13,24 @@ on:
         required: false
 jobs:
   release:
-    uses: getsentry/craft/.github/workflows/release.yml@v2
-    with:
-      version: ${{ inputs.version }}
-      force: ${{ inputs.force }}
-      merge_target: ${{ inputs.merge_target }}
-    secrets: inherit
+    runs-on: ubuntu-latest
+    name: Release a new version
+    steps:
+    - name: Get auth token
+      id: token
+      uses: actions/create-github-app-token@v1
+      with:
+        app-id: ${{ vars.SENTRY_RELEASE_BOT_CLIENT_ID }}
+        private-key: ${{ secrets.SENTRY_RELEASE_BOT_PRIVATE_KEY }}
+    - uses: actions/checkout@v4
+      with:
+        token: ${{ steps.token.outputs.token }}
+        fetch-depth: 0
+    - name: Prepare release
+      uses: getsentry/craft@v2
+      env:
+        GITHUB_TOKEN: ${{ steps.token.outputs.token }}
+      with:
+        version: ${{ inputs.version }}
+        force: ${{ inputs.force }}
+        merge_target: ${{ inputs.merge_target }}

From 5c6957df486752ba74562b34e98f185d37bef46e Mon Sep 17 00:00:00 2001
From: Burak Yigit Kaya <byk@sentry.io>
Date: Sat, 10 Jan 2026 00:29:32 +0000
Subject: [PATCH 03/13] fix: Pin actions to SHA and add permissions blocks

---
 .github/workflows/changelog-preview.yml | 4 ++++
 .github/workflows/ci.yml                | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/changelog-preview.yml b/.github/workflows/changelog-preview.yml
index 1ed102130..5883c004c 100644
--- a/.github/workflows/changelog-preview.yml
+++ b/.github/workflows/changelog-preview.yml
@@ -7,6 +7,10 @@ on:
     - reopened
     - edited
     - labeled
+permissions:
+  contents: write
+  pull-requests: write
+
 jobs:
   changelog-preview:
     uses: getsentry/craft/.github/workflows/changelog-preview.yml@v2
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index f1102d63d..c18ca6fff 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -42,7 +42,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v2
         with:
           fetch-depth: 2
 

From 87fe28594e4ec2986270dd4f6ba784645f119207 Mon Sep 17 00:00:00 2001
From: Burak Yigit Kaya <byk@sentry.io>
Date: Sat, 10 Jan 2026 01:35:58 +0000
Subject: [PATCH 04/13] fix: Use correct action version SHAs (restore original
 versions)

---
 .github/workflows/ci.yml               | 2 +-
 .github/workflows/publish-release.yaml | 4 ++--
 .github/workflows/static-analysis.yaml | 6 +++---
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index c18ca6fff..50a35d8d6 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -42,7 +42,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v2
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v2
         with:
           fetch-depth: 2
 
diff --git a/.github/workflows/publish-release.yaml b/.github/workflows/publish-release.yaml
index 2a12191aa..f3ee34c75 100644
--- a/.github/workflows/publish-release.yaml
+++ b/.github/workflows/publish-release.yaml
@@ -18,11 +18,11 @@ jobs:
     steps:
     - name: Get auth token
       id: token
-      uses: actions/create-github-app-token@v1
+      uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2
       with:
         app-id: ${{ vars.SENTRY_RELEASE_BOT_CLIENT_ID }}
         private-key: ${{ secrets.SENTRY_RELEASE_BOT_PRIVATE_KEY }}
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
       with:
         token: ${{ steps.token.outputs.token }}
         fetch-depth: 0
diff --git a/.github/workflows/static-analysis.yaml b/.github/workflows/static-analysis.yaml
index ba6ffe12c..1f3133ba1 100644
--- a/.github/workflows/static-analysis.yaml
+++ b/.github/workflows/static-analysis.yaml
@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
 
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
@@ -34,7 +34,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
 
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
@@ -52,7 +52,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
 
       - name: Setup PHP
         uses: shivammathur/setup-php@v2

From a96a3eb41ce857747aed8bd2d046ebed162461c1 Mon Sep 17 00:00:00 2001
From: Burak Yigit Kaya <byk@sentry.io>
Date: Sat, 10 Jan 2026 02:04:58 +0000
Subject: [PATCH 05/13] fix: Use correct action version SHAs (restore original
 versions)

---
 .github/workflows/ci.yml               | 2 +-
 .github/workflows/publish-release.yaml | 4 ++--
 .github/workflows/static-analysis.yaml | 6 +++---
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 50a35d8d6..d50ae1b88 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -42,7 +42,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v2
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2
         with:
           fetch-depth: 2
 
diff --git a/.github/workflows/publish-release.yaml b/.github/workflows/publish-release.yaml
index f3ee34c75..60c708b6e 100644
--- a/.github/workflows/publish-release.yaml
+++ b/.github/workflows/publish-release.yaml
@@ -18,11 +18,11 @@ jobs:
     steps:
     - name: Get auth token
       id: token
-      uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2
+      uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2 # v2
       with:
         app-id: ${{ vars.SENTRY_RELEASE_BOT_CLIENT_ID }}
         private-key: ${{ secrets.SENTRY_RELEASE_BOT_PRIVATE_KEY }}
-    - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+    - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6
       with:
         token: ${{ steps.token.outputs.token }}
         fetch-depth: 0
diff --git a/.github/workflows/static-analysis.yaml b/.github/workflows/static-analysis.yaml
index 1f3133ba1..8b35139b1 100644
--- a/.github/workflows/static-analysis.yaml
+++ b/.github/workflows/static-analysis.yaml
@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6
 
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
@@ -34,7 +34,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6
 
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
@@ -52,7 +52,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6
 
       - name: Setup PHP
         uses: shivammathur/setup-php@v2

From caeef8a52fcee4968452710785af65b88f0dc3c9 Mon Sep 17 00:00:00 2001
From: Burak Yigit Kaya <byk@sentry.io>
Date: Mon, 12 Jan 2026 12:31:26 +0000
Subject: [PATCH 06/13] fix: Clean up action version comments

---
 .github/workflows/ci.yml               | 2 +-
 .github/workflows/publish-release.yaml | 4 ++--
 .github/workflows/static-analysis.yaml | 6 +++---
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index d50ae1b88..016128b14 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -42,7 +42,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
         with:
           fetch-depth: 2
 
diff --git a/.github/workflows/publish-release.yaml b/.github/workflows/publish-release.yaml
index 60c708b6e..f3ee34c75 100644
--- a/.github/workflows/publish-release.yaml
+++ b/.github/workflows/publish-release.yaml
@@ -18,11 +18,11 @@ jobs:
     steps:
     - name: Get auth token
       id: token
-      uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2 # v2
+      uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2
       with:
         app-id: ${{ vars.SENTRY_RELEASE_BOT_CLIENT_ID }}
         private-key: ${{ secrets.SENTRY_RELEASE_BOT_PRIVATE_KEY }}
-    - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6
+    - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
       with:
         token: ${{ steps.token.outputs.token }}
         fetch-depth: 0
diff --git a/.github/workflows/static-analysis.yaml b/.github/workflows/static-analysis.yaml
index 8b35139b1..1f3133ba1 100644
--- a/.github/workflows/static-analysis.yaml
+++ b/.github/workflows/static-analysis.yaml
@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
 
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
@@ -34,7 +34,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
 
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
@@ -52,7 +52,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
 
       - name: Setup PHP
         uses: shivammathur/setup-php@v2

From 16a613828eb4268845f8b6967bd65e9d12497b30 Mon Sep 17 00:00:00 2001
From: Burak Yigit Kaya <ben@byk.im>
Date: Tue, 13 Jan 2026 22:46:22 +0000
Subject: [PATCH 07/13] Update Craft SHA to
 1c58bfd57bfd6a967b6f3fc92bead2c42ee698ce

---
 .github/workflows/publish-release.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/publish-release.yaml b/.github/workflows/publish-release.yaml
index f3ee34c75..6d6636f38 100644
--- a/.github/workflows/publish-release.yaml
+++ b/.github/workflows/publish-release.yaml
@@ -27,7 +27,7 @@ jobs:
         token: ${{ steps.token.outputs.token }}
         fetch-depth: 0
     - name: Prepare release
-      uses: getsentry/craft@v2
+      uses: getsentry/craft@1c58bfd57bfd6a967b6f3fc92bead2c42ee698ce
       env:
         GITHUB_TOKEN: ${{ steps.token.outputs.token }}
       with:

From b7ee68ae6344846667b019ddb63b10aba62eaa9a Mon Sep 17 00:00:00 2001
From: Burak Yigit Kaya <ben@byk.im>
Date: Tue, 13 Jan 2026 23:05:59 +0000
Subject: [PATCH 08/13] Add explicit permissions block to publish-release.yaml

---
 .github/workflows/publish-release.yaml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/publish-release.yaml b/.github/workflows/publish-release.yaml
index 6d6636f38..78670702d 100644
--- a/.github/workflows/publish-release.yaml
+++ b/.github/workflows/publish-release.yaml
@@ -11,6 +11,10 @@ on:
       merge_target:
         description: Target branch to merge into
         required: false
+permissions:
+  contents: write
+  pull-requests: write
+
 jobs:
   release:
     runs-on: ubuntu-latest

From 983b95313caac934e9c2729b9b6bae6cc0c1b8f3 Mon Sep 17 00:00:00 2001
From: Burak Yigit Kaya <ben@byk.im>
Date: Tue, 13 Jan 2026 23:16:38 +0000
Subject: [PATCH 09/13] Revert permissions changes to publish-release.yaml

---
 .github/workflows/publish-release.yaml | 54 ++++++++++++++------------
 1 file changed, 29 insertions(+), 25 deletions(-)

diff --git a/.github/workflows/publish-release.yaml b/.github/workflows/publish-release.yaml
index 78670702d..a1931d3bb 100644
--- a/.github/workflows/publish-release.yaml
+++ b/.github/workflows/publish-release.yaml
@@ -1,40 +1,44 @@
 name: Prepare Release
+
 on:
   workflow_dispatch:
     inputs:
       version:
-        description: Version to release (or "auto")
-        required: false
+        description: Version to release
+        required: true
       force:
-        description: Force a release even when there are release-blockers
+        description: Force a release even when there are release-blockers (optional)
         required: false
       merge_target:
-        description: Target branch to merge into
+        description: Target branch to merge into. Uses the default branch as a fallback (optional)
         required: false
+        default: master
+
 permissions:
-  contents: write
-  pull-requests: write
+  contents: read
 
 jobs:
   release:
     runs-on: ubuntu-latest
-    name: Release a new version
+    name: Release version
     steps:
-    - name: Get auth token
-      id: token
-      uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2
-      with:
-        app-id: ${{ vars.SENTRY_RELEASE_BOT_CLIENT_ID }}
-        private-key: ${{ secrets.SENTRY_RELEASE_BOT_PRIVATE_KEY }}
-    - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
-      with:
-        token: ${{ steps.token.outputs.token }}
-        fetch-depth: 0
-    - name: Prepare release
-      uses: getsentry/craft@1c58bfd57bfd6a967b6f3fc92bead2c42ee698ce
-      env:
-        GITHUB_TOKEN: ${{ steps.token.outputs.token }}
-      with:
-        version: ${{ inputs.version }}
-        force: ${{ inputs.force }}
-        merge_target: ${{ inputs.merge_target }}
+      - name: Get auth token
+        id: token
+        uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
+        with:
+          app-id: ${{ vars.SENTRY_RELEASE_BOT_CLIENT_ID }}
+          private-key: ${{ secrets.SENTRY_RELEASE_BOT_PRIVATE_KEY }}
+
+      - uses: actions/checkout@v6
+        with:
+          token: ${{ steps.token.outputs.token }}
+          fetch-depth: 0
+
+      - name: Prepare release
+        uses: getsentry/action-prepare-release@v1
+        env:
+          GITHUB_TOKEN: ${{ steps.token.outputs.token }}
+        with:
+          version: ${{ github.event.inputs.version }}
+          force: ${{ github.event.inputs.force }}
+          merge_target: ${{ github.event.inputs.merge_target }}

From 18eeda504486170854e7dcfa711cc7357f5acc19 Mon Sep 17 00:00:00 2001
From: Burak Yigit Kaya <byk@sentry.io>
Date: Wed, 14 Jan 2026 00:06:44 +0000
Subject: [PATCH 10/13] fix: revert extraneous changes to non-release workflow
 files

---
 .github/workflows/ci.yml               | 2 +-
 .github/workflows/static-analysis.yaml | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 016128b14..f1102d63d 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -42,7 +42,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+        uses: actions/checkout@v6
         with:
           fetch-depth: 2
 
diff --git a/.github/workflows/static-analysis.yaml b/.github/workflows/static-analysis.yaml
index 1f3133ba1..ba6ffe12c 100644
--- a/.github/workflows/static-analysis.yaml
+++ b/.github/workflows/static-analysis.yaml
@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+        uses: actions/checkout@v6
 
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
@@ -34,7 +34,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+        uses: actions/checkout@v6
 
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
@@ -52,7 +52,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+        uses: actions/checkout@v6
 
       - name: Setup PHP
         uses: shivammathur/setup-php@v2

From 6e2bacff7380723565b362194d0ce10d7917802e Mon Sep 17 00:00:00 2001
From: Burak Yigit Kaya <byk@sentry.io>
Date: Wed, 14 Jan 2026 11:59:00 +0000
Subject: [PATCH 11/13] build(craft): Fix release workflows and config

---
 .github/workflows/publish-release.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/publish-release.yaml b/.github/workflows/publish-release.yaml
index a1931d3bb..bc91f556b 100644
--- a/.github/workflows/publish-release.yaml
+++ b/.github/workflows/publish-release.yaml
@@ -35,7 +35,7 @@ jobs:
           fetch-depth: 0
 
       - name: Prepare release
-        uses: getsentry/action-prepare-release@v1
+        uses: getsentry/craft@1c58bfd57bfd6a967b6f3fc92bead2c42ee698ce
         env:
           GITHUB_TOKEN: ${{ steps.token.outputs.token }}
         with:

From d63f8c94274b61ba89f7065779e82a676a2b6f02 Mon Sep 17 00:00:00 2001
From: Burak Yigit Kaya <ben@byk.im>
Date: Wed, 14 Jan 2026 13:16:54 +0000
Subject: [PATCH 12/13] build(craft): Update Craft action to c6e2f04

---
 .github/workflows/publish-release.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/publish-release.yaml b/.github/workflows/publish-release.yaml
index bc91f556b..bff6fefe1 100644
--- a/.github/workflows/publish-release.yaml
+++ b/.github/workflows/publish-release.yaml
@@ -35,7 +35,7 @@ jobs:
           fetch-depth: 0
 
       - name: Prepare release
-        uses: getsentry/craft@1c58bfd57bfd6a967b6f3fc92bead2c42ee698ce
+        uses: getsentry/craft@c6e2f04939b6ee67030588afbb5af76b127d8203
         env:
           GITHUB_TOKEN: ${{ steps.token.outputs.token }}
         with:

From d974d748192a0f54d87db67f56ac0355b226d4fd Mon Sep 17 00:00:00 2001
From: Burak Yigit Kaya <ben@byk.im>
Date: Wed, 14 Jan 2026 22:21:37 +0000
Subject: [PATCH 13/13] chore: add unlabeled trigger to changelog-preview

---
 .github/workflows/changelog-preview.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/changelog-preview.yml b/.github/workflows/changelog-preview.yml
index 5883c004c..30c6083c6 100644
--- a/.github/workflows/changelog-preview.yml
+++ b/.github/workflows/changelog-preview.yml
@@ -7,6 +7,7 @@ on:
     - reopened
     - edited
     - labeled
+    - unlabeled
 permissions:
   contents: write
   pull-requests: write